Rule 244 of the Draft Income-tax Rules, 2026 prescribes the due diligence procedures to be followed by reporting crypto-asset service providers under section 509 of the Act to identify reportable users. A crypto-asset user becomes a reportable user from the date they are identified through the prescribed due diligence process. Service providers must obtain a self-certification from individual users at the time of establishing the relationship, or for pre-existing users within twelve months from 1 January 2026, to determine their tax residence and verify the reasonableness of such certification using information gathered through Anti-Money Laundering (AML) or Know Your Customer (KYC) procedures. If a change in circumstances indicates that the original self-certification is unreliable or incorrect, the provider must obtain a new certification or supporting explanation and documentation. Similar procedures apply to entity crypto-asset users, including obtaining self-certification regarding their tax residence and determining whether they are reportable users or entities with controlling persons who are reportable persons. Reporting crypto-asset service providers must also identify controlling persons of entities using AML or KYC information or similar procedures. Self-certifications must contain prescribed details such as name, address, tax residence, TIN where applicable, and date of birth for individuals. Certain exceptions apply where TINs are not issued or required by the jurisdiction of residence. Providers may rely on third parties to perform due diligence, but responsibility remains with the reporting service provider. All documentation and data must be retained for at least seven tax years after the reporting period. The rule also provides detailed guidance on validating self-certifications, handling changes in circumstances, reliance on documentation, and determining tax residence for individuals and entities, ensuring that crypto-asset users are properly identified for tax reporting purposes.
Extract of Rule No. 244 of Draft Income-tax Rules, 2026
Rule 244
Due diligence procedures under section 509 of the Act.
(1) A crypto-asset user is treated as a reportable user beginning as of the date it is identified as such pursuant to the due diligence procedures described in this rule.
(2) The following procedures shall apply for the purposes of determining whether the individual crypto-asset user is a reportable user, namely:–
(a) when establishing the relationship with the individual crypto-asset user, or with respect to pre-existing individual crypto-asset users within twelve months on and from the 1st January, 2026, the reporting crypto-asset service provider shall––
(i) obtain a self-certification that allows the reporting crypto-asset service provider to determine the residence(s) of individual crypto-asset users for tax purposes; and
(ii) confirm the reasonableness of such self-certification based on the information obtained by the reporting crypto-asset service provider, including any documentation collected pursuant to Anti Money Laundering or Know Your Customer Procedures;
(b) if at any point there is a change of circumstances with respect to an individual crypto-asset user that causes the reporting crypto-asset service provider to know, or have reason to know, that the original self-certification is incorrect or unreliable, then the reporting crypto-asset service provider––
(i) cannot rely on the original self-certification; (ii) shall obtain a valid self-certification, or a reasonable explanation; and (iii) the documentation supporting the validity of the original self-certification, wherever appropriate.
(3) For the purposes of determining whether––
(a) the entity crypto-asset user is a reportable user; or
(b) an entity, other than an excluded person or an active entity, with one or more controlling persons who are the reportable persons, the following procedures shall apply, namely:––
(i) when establishing the relationship with the entity crypto-asset user, or with respect to pre-existing entity crypto-assets users within twelve months on and from the 1st January, 2025, the reporting crypto-asset service provider shall––
(A) obtain a self-certification that allows the reporting crypto-asset service provider to determine the residence(s) of the entity crypto-asset user for tax purposes; and
(B) confirm the reasonableness of such self-certification based on the information obtained by the reporting crypto-asset service provider, including any documentation collected pursuant to Anti Money Laundering or Know Your Customer Procedures;
(ii) if the entity crypto-asset user certifies that it has no residence for tax purposes, the reporting crypto-asset service provider shall rely on the place of effective management or on the address of the principal office to determine the residence of the entity crypto-asset user;
(iii) if the self-certification indicates that the entity crypto-asset user is resident in a country or territory outside India, the reporting crypto-asset service provider shall treat the entity crypto-asset user as a reportable user, unless it reasonably determines based on the self-certification or on information in its possession or that is publicly available, that the entity crypto-asset user is an excluded person.
(4) With respect to an entity crypto-asset user, other than an excluded person, the reporting crypto-asset service provider shall determine whether it has one or more controlling persons who are reportable persons, unless it determines that the entity crypto-asset user is an active entity, based on a self-certification from the entity crypto-asset user.
(5) For the purposes of determining the controlling persons of the entity crypto-asset user,––
(a) a reporting crypto-asset service provider may rely on the information collected and maintained pursuant to Anti Money Laundering or Know Your Customer Procedures, provided that such procedures are consistent with the 2012 Financial Action Task Force Recommendations, as updated in June, 2019 pertaining to virtual asset service providers and as further updated from time to time; and
(b) where the reporting crypto-asset service provider is not legally required to apply Anti Money Laundering or Know Your Customer Procedures, that are consistent with the 2012 Financial Action Task Force Recommendations, as updated in June, 2019 pertaining to virtual asset service providers, it shall apply substantially similar procedures for the purposes of determining the controlling persons.
(6) For the purposes of determining whether a controlling person is a reportable person, a reporting crypto-asset service provider shall rely on a self-certification from the entity crypto asset user or such controlling person that allows the reporting crypto-asset service provider to determine the controlling person’s residence(s) for tax purposes and confirm the reasonableness of such self-certification based on the information obtained by the reporting crypto-asset service provider, including any documentation collected pursuant to Anti Money Laundering or Know Your Customer Procedures.
(7) If at any point there is a change of circumstances with respect to an entity crypto-asset user or its controlling persons that causes the reporting crypto-asset service provider to know, or Draft Income-tax Rules, 2026 331 have reason to know, that the original self-certification is incorrect or unreliable, then the reporting crypto-asset service provider––
(a) cannot rely on the original self-certification;
(b) shall obtain a valid self-certification, or a reasonable explanation; and (c) the documentation supporting the validity of the original self-certification, wherever appropriate.
(8) A self-certification provided by an individual crypto-asset user or controlling person is valid only if it is signed or otherwise positively affirmed by the individual crypto-asset user or controlling person, it is dated at the latest at the date of receipt and it contains the following information with respect to the individual crypto-asset user or controlling person:
(a) first and last name;
(b) residence address; (c) country(s) or territory(s) of residence for tax purposes;
(d) with respect to each reportable person, the TIN with respect to each country or territory outside India in which it is a resident for tax purposes; and
(e) date of birth.
(9) A self-certification provided by an entity crypto-asset user is valid only if it is signed or otherwise positively affirmed by the crypto-asset user, it is dated at the latest at the date of receipt and it contains the following information with respect to the entity crypto-asset user:
(a) legal name;
(b) address; (c) country(s) or territory(s) of residence for tax purposes;
(d) with respect to each reportable person, the TIN with respect to each country or territory outside India in which it is a resident for tax purposes;
(e) in case of an entity crypto-asset user other than an active entity or an excluded person, the information described in sub-rule (8) with respect to each controlling person of the entity crypto-asset user, unless such controlling person has provided a selfcertification pursuant to sub-rule (8), as well as the role(s) by virtue of which each reportable person is a controlling person of the entity, if not already determined on the basis of Anti Money Laundering or Know Your Customer Procedures; and (f) if applicable, the information as to the criteria it meets to be treated as an active entity or excluded person.
(10) Irrespective of anything provided in sub-rules (8) and (9), the TIN is not required to be collected–– (a) if the country or territory of residence of the reportable person does not issue a TIN to the reportable person; or (b) the domestic law of the relevant country or territory outside India does not require the collection of the TIN issued by such country or territory.
(11) A reporting crypto-asset service provider may rely on a third party to fulfil the due diligence obligations set out in this rule, but such obligations remain the responsibility of the reporting crypto-asset service provider.
(12) A reporting crypto-asset service provider is required to maintain all documentation and data for a period of not less than seven tax years after the end of the period within which the reporting crypto-asset service provider shall report the information required to be reported pursuant to rule 243.
(13) (a) For the purposes of sub-rule (2):—
(i) where an individual is resident for tax purposes in two or more countries or territories outside India, all such country(s) or territory(s) of residence are to be declared in a selfcertification and the reporting crypto-asset service provider shall treat the individual crypto-asset user as a reportable user in respect of each such country or territory outside India;
(ii) a reporting crypto-asset service provider is considered to have confirmed the “reasonableness” of a self-certification if, in the course of establishing a relationship with an individual crypto-asset user and upon review of the information obtained in connection with the establishment of the relationship (including any documentation collected pursuant to Anti Money Laundering or Know Your Customer Procedures), it does not know or have reason to know that the self-certification is incorrect or unreliable;
(iii) where the self-certification fails the reasonableness test, the reporting crypto-asset service provider shall obtain either a valid self-certification, or a reasonable explanation and documentation (as appropriate) supporting the reasonableness of the selfcertification, and retain a copy or a notation of such explanation and documentation before providing services effectuating relevant transactions to the individual crypto asset user;
(iv) for the purposes of clause (b) of sub-rule (2), a reporting crypto-asset service provider is said to have reason to know that a self-certification is unreliable or incorrect, if its knowledge of relevant facts or statements contained in the self-certification or other documentation is such that a reasonably prudent person in the position of the reporting crypto-asset service provider would question the claim being made;
(v) a reporting crypto-asset service provider also has reason to know that a selfcertification is unreliable or incorrect, if there is information in the documentation or in the files of the reporting crypto-asset service provider that conflicts with the claim of the person regarding its status;
(vi) a reporting crypto-asset service provider has reason to know that a self-certification provided by a person is unreliable or incorrect, if the self-certification is incomplete with respect to any item on the self-certification that is relevant to the claims made by the person, the self-certification contains any information that is inconsistent with the claim of the person, or the reporting crypto-asset service provider has other information that is inconsistent with the claim of the person;
(vii) a reporting crypto-asset service provider that relies on a service provider to review and maintain a self-certification is considered to know or have reason to know the facts within the knowledge of the service provider;
(viii) a reporting crypto-asset service provider may not rely on documentation provided by a person, if the documentation does not reasonably establish the identity of the person presenting the documentation;
(ix) a reporting crypto-asset service provider may not rely on documentation, if the documentation contains information that is inconsistent with the claim of the person as to its status, the reporting crypto-asset service provider has other information that is inconsistent with the status of the person, or the documentation lacks information necessary to establish the status of the person;
(x) the expression “change of circumstances” includes any change that results in the addition of information relevant to the status of an individual crypto-asset user or otherwise conflicts with the status of such user, or any change or addition of information to any profile associated with such individual crypto-asset user, if such change or addition of information affects the status of the individual crypto-asset user;
(xi) a change of circumstances affecting the self-certification provided to the reporting crypto-asset service provider will terminate the validity of the self-certification with respect to the information that is no longer reliable, until the information is updated; (xii) where a change of circumstances occurs, the reporting crypto-asset service provider cannot rely on the original self-certification and shall obtain either
(A) a valid self-certification that establishes the residence(s) for tax purposes of the individual crypto-asset user; or
(B) a reasonable explanation and documentation supporting the validity of the original self-certification (and retain a copy or a notation of such explanation and documentation);
(xiii) a self-certification becomes invalid on the date the reporting crypto-asset service provider holding the self-certification knows or has reason to know that circumstances affecting the correctness of the self-certification have changed;
(xiv) a reporting crypto-asset service provider may choose to treat a person as having the same status that it had prior to the change in circumstances until the earlier of 90 calendar days from the date that the self-certification became invalid due to the change in circumstances, the date that the validity of the self-certification is confirmed, or the date that a new self-certification is obtained;
(xv) where reporting crypto-asset service provider cannot obtain a confirmation of the validity of the original self-certification or a valid self-certification during such ninety day period, the reporting crypto-asset service provider shall treat the individual crypto asset user as resident of the country(s) or territory(s) in which the individual crypto asset user claimed to be resident in the original self-certification and the country(s) or territory(s) in which the individual crypto-asset user may be resident as a result of the change in circumstances;
(xvi) a reporting crypto-asset service provider may rely on a self-certification without having to inquire into possible changes of circumstances that may affect the validity of the statement, unless it knows or has reason to know that the circumstances have changed;
(xvii) a reporting crypto-asset service provider may retain an original, certified copy, or photocopy (including a microfiche, electronic scan or similar means of electronic storage) or electronic copy of the self-certification;
(xviii) a reporting crypto-asset service provider may treat a self-certification as valid, irrespective of whether the self-certification contains an inconsequential error, if the reporting crypto-asset service provider has sufficient documentation on file to supplement the information missing from the self-certification due to the error and the documentation relied upon to cure the inconsequential error shall be conclusive. (b) For the purposes of sub-rule (3);—
(i) “publicly available” information includes information published by an authorised government body of a country or territory, such as––
(A) information in a list published by a tax administration;
(B) information in a publicly accessible register maintained or authorised by an authorised government body of such country or territory; or
(C) information disclosed on an established securities market;
(ii) if an entity is subject to tax as a resident in more than one country or territory outside India, all country(s) or territory(s) of residence are to be declared in a self-certification and the reporting crypto-asset service provider shall treat the entity crypto-asset user as a reportable user in respect of each such country or territory outside India;
(iii) reporting crypto-asset service provider is considered to have confirmed the “reasonableness” of a self-certification if, in the course of establishing a relationship with the entity crypto-asset user and upon review of the information obtained in connection with the establishment of the relationship (including any documentation collected pursuant to Anti Money Laundering or Know Your Customer Procedures), it does not know or have reason to know that the selfcertification is incorrect or unreliable;
(iv) in case a self-certification fails the reasonableness test, the reporting crypto asset service provider shall obtain either–
(A) a valid self-certification; or
(B) a reasonable explanation and documentation supporting the reasonableness of the self-certification before providing services effecting relevant transactions to the entity crypto-asset user;
(c) For the purposes of sub-rules (8) and (9), a self-certification may be signed (or otherwise positively affirmed) by any person authorised to sign on behalf of the individual crypto-asset user or controlling person under domestic law.
(d) For the purposes of sub-rule (11), the following situations apply in which reporting crypto-asset service provider shall rely on documentation of a third party to fulfil its due diligence obligations, namely:––
(i) with respect to documentation collected by third party service providers, agents or where a reporting crypto-asset service provider relies on documentation of an acquired business; and
(ii) with respect to the situation where a reporting crypto-asset service provider relies on other reporting crypto-asset service providers that handle the same relevant transaction.
(14) For the purposes of rule 241, 242, 243 and this rule, exchange of any information in respect of any transaction in relevant crypto-asset is only for the limited purposes of administration of taxes by the relevant jurisdiction
